Description:
A vulnerability was reported in Ipswitch WhatsUp Gold. A remote user can inject SQL commands.

Multiple '.asp' pages on the web interface do not properly validate user-supplied input. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database.

Impact:
A remote user can execute SQL commands on the underlying database.